Cymulate Reviews (174)

Reviews

Cymulate Reviews (174)

4.9
174 reviews

What do users say?

Generated using AI from real user reviews
Users consistently praise Cymulate for its ease of use and comprehensive security validation, allowing organizations to conduct realistic attack simulations effortlessly. The platform's ability to provide actionable insights and automated assessments helps teams prioritize vulnerabilities effectively. However, some users note that the initial learning curve can be moderate for those unfamiliar with breach and attack simulation tools.

Pros & Cons

Generated from real user reviews
View All Pros and Cons
Search reviews
Filter Reviews
Clear Results
G2 reviews are authentic and verified.
SA
Shubham A.
Enterprise (> 1000 emp.)
"Comprehensive BAS with Easy Setup and Stellar Coverage"
5/5
What do you like best about Cymulate?

I am using Cymulate for BAS assessment, and I appreciate its ability to find loopholes or security gaps, allowing me to mitigate them. I like the assessment coverage area and that I can do WAF assessment, hopper assessment, endpoint assessment, and email gateway assessment. Cymulate covers all aspects I need, and setting it up is easy thanks to the agent-based setup and provided guide. I find it the best product in BAS, and I am likely to recommend it highly. Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

I feel that AI-related assessments should be added more. Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Thank you for your detailed feedback—we’re glad to hear you’re getting value from the wide range of assessments, especially for purple teaming and testing web and firewall defenses. It’s great to know the setup process was smooth and helped you get up and running quickly.

We also appreciate you pointing out gaps in some assessment scenarios. That’s important feedback, and we’re sharing it internally.

Thanks again for being part of the Cymulate community.

Verified User in Computer & Network Security
UC
Verified User in Computer & Network Security
Enterprise (> 1000 emp.)
"Realistic, Continuous Security Validation Without Disrupting Production"
5/5
What do you like best about Cymulate?

What I value most is its ability to provide realistic, continuous validation of our security posture without disrupting production systems. It’s efficient and intuitive to use, which makes it easy for us to run tests regularly and incorporate them into our ongoing continuous security validation process. Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

Sometimes it’s difficult to get Cymulate working smoothly because of our company’s internal policies and restrictions. Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Thank you for the thoughtful review. We’re glad to hear Cymulate is helping you move toward a more continuous and proactive approach to security validation. Shifting from theoretical risk to what’s actually exploitable is a meaningful step, and it’s great to see that impact reflected in how you prioritize remediation.

We also appreciate your calling out the challenges posed by internal policies and restrictions. That’s a reality for many organizations, and your feedback is valuable.

Thanks again for sharing your experience and being part of Cymulate.

FU
Faik U.
InfoSec Manager
Enterprise (> 1000 emp.)
"Customizable, Scenario-Based Attacks with Clear Mitigation Guidance"
4.5/5
What do you like best about Cymulate?

Email and endpoint attacks are customizable—scenario-based. There are lots of types of attacks in the attack database. The attack scenarios occur on a fast-paced SaaS platform. Mitigation strategies are also described in great detail and are easy to understand. Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

Not too much - reporting system is a bit awkward. Not so much detailed. Lots of modules that needs to be considered before buying. Good integration options but needs to be bought seperately. Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Hi Faik,

Thanks for your thoughtful review—we’re glad Cymulate is helping you validate security gaps and take action quickly.

We appreciate the candid feedback on reporting and platform structure, and will be sure to pass it along to our team.

Great to hear the ease of testing without additional deployment is making your workflow simpler.

Thanks again for sharing your experience!

Verified User in Oil & Energy
AO
Verified User in Oil & Energy
Mid-Market (51-1000 emp.)
"Continuous Validation: A True Blessing for Security Leaders"
5/5
What do you like best about Cymulate?

Cymulate helped us fine-tune and optimize our SOC & SIEM, stay ahead of threats, and build resilient operations through its exceptional continuous validation. It also helps us easily detect configuration drifts in ever-changing infrastructure environments, which I find crucial and it is a true blessing for a security manager. With the advanced visibility and clear proof of ROI, it provides the exact justification we need to present to the board. Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

I had no problems or difficulties using the product. Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Thank you for taking the time to leave your review—we really appreciate it.

It’s great to see Cymulate play a role not just in testing security controls, but also in helping you build more confidence in day-to-day operations and leadership discussions. When security teams can clearly demonstrate impact and stay aligned with a constantly changing environment, that’s where real value shows up.

Thanks again for sharing your experience and for being part of Cymulate.

A
Akanksha .
Security Executive
Enterprise (> 1000 emp.)
"Real-Time Security Validation with Automated BAS 2.0 Scenarios"
4.5/5
What do you like best about Cymulate?

It is great tool to assess our security tools, gives real-time view, we can automate the assessments, with BAS 2.0 now, we can run more scenarios to validate security of the tools Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

Overall, the product is great, but sometimes support team little slower in providing the resolution Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Thank you for sharing your feedback—we’re glad to hear the platform is helping you gain real-time visibility, automate assessments, and get more value from the new capabilities. Stay tuned...there is more to come!

We also appreciate your calling out your experience with support. That’s important feedback, and we’re sharing it with the right teams to help improve response times.

Thanks again for being part of the Cymulate community.

Tony R.
TR
Tony R.
Head of Cibersecurity Operations
Enterprise (> 1000 emp.)
"Validating security with Cymulate"
4.5/5
What do you like best about Cymulate?

The simulations are very realistic and easy to execute, allowing for quick evaluation of different attack vectors.

The platform offers clear reports with remediation priorities, facilitating decision-making.

Its continuous approach helps improve security posture without disrupting operations. Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

The initial learning curve can be moderate if there is no prior experience with BAS.

Some advanced simulations require technical adjustments or additional licenses.

The reports in Spanish could be more comprehensive. It should be possible to create dashboards with more representative KPIs. Review collected by and hosted on G2.com.

PK
Prathamesh K.
Network Security Engineer
Mid-Market (51-1000 emp.)
"Cymulate:Comprehensive Security posture testing Reviewed"
4/5
What do you like best about Cymulate?

I like best about Cymulate is its intuitive and user-friendly interface, which makes it easy to set up and manage continuous security validation across our environment. The platform provides comprehensive attack simulations that help identify vulnerabilities before attackers can exploit them. I also appreciate the actionable insights and remediation guidance that allow our team to prioritize and address critical risks quickly. The real-time reporting and variety of testing modules—from phishing simulations to lateral movement—make Cymulate a valuable tool for strengthening our organization’s security posture. Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

I dislike about Cymulate is that some advanced features can be a bit complex to configure, and initial setup may take more time if you are new to the platform. Sometimes, reports can contain a lot of details, which may feel overwhelming for beginners. Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Thanks so much for the detailed review! We’re thrilled Cymulate is helping your team stay ahead of threats with real-time simulations, actionable insights, and a user-friendly experience. It’s great to hear the platform is making a real impact on your security posture. We appreciate your note on advanced feature complexity and report depth—we’re always working to improve usability while keeping the power under the hood. Thanks again for your trust!

AR
Adesh R.
Security analyst
Enterprise (> 1000 emp.)
"Clear, Automated Security Validation with Actionable Remediation Steps"
5/5
What do you like best about Cymulate?

It provides automated, continuous security validation that clearly shows real-world attack exposure and the steps needed for remediation. Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

Limited customization options and occasional false positives can make it challenging to fine-tune the results. Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Thank you for your thoughtful review—we’re glad to hear Cymulate is helping you identify real-world exposure and accelerate remediation through continuous validation.

We also appreciate you highlighting the challenges around customization and occasional false positives. That’s valuable feedback, and we’re sharing it with the right teams as we are always looking to improve.

Thanks again for being part of the Cymulate community and sharing your experience.

Elmar G.
EG
Elmar G.
Especialista en Seguridad de Aplicaciones
Enterprise (> 1000 emp.)
"Operationalizing Security Validation at Scale"
5/5
What do you like best about Cymulate?

I love how Cymulate turns continuous, safe attack simulations into actionable, MITRE-mapped fixes with one-click retesting. It centralizes App/Email/Web/EDR/WAF/ASM validation, integrates with our stack, and gives exec-ready reporting to prove risk reduction month over month. Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

Exec PDFs are clean but layout/branding and metric granularity (per control/subcontrol trends) feel constrained. Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Thank you for taking the time to share your feedback. We’re glad to hear Cymulate is helping you maintain continuous validation, identify configuration drift, and clearly demonstrate security posture changes across your environment.

We appreciate you calling out your experience with executive reporting as well. We’ve shared your perspective with the appropriate internal teams to ensure it’s visible and considered as part of ongoing discussions.

Thanks again for your thoughtful review and for being part of the Cymulate community.

Verified User in Financial Services
AF
Verified User in Financial Services
Enterprise (> 1000 emp.)
"Automated Purple Teaming simplified with Cymulate"
4.5/5
What do you like best about Cymulate?

1) Variety of comprehensive security assessments and detailed reports that provide mitigation guidance across multiple security vectors.

2) excellent customer support

3) Easy deployment Review collected by and hosted on G2.com.

What do you dislike about Cymulate?

1) The dashboard customization and reporting system could be improved, as the overall score is calculated as an average of all assessments conducted since day one, potentially limiting more granular insights.

2) The customer support team should adopt a more proactive approach, as reported issues often take over a month to be resolved. Review collected by and hosted on G2.com.

Response from Aviva Spotts of Cymulate

Thanks for the thoughtful review! We're glad Cymulate is helping you easily discover misconfigurations and security gaps and that our platform supports your detection engineering and evaluation efforts. We're sorry you experienced a delay with support. We strive to resolve tickets quickly and will make sure your feedback is shared with the team. Thanks again for your trust in Cymulate!